<?php
/*
 * Email a recipe
 */

F3::call('authentication.php');
if (F3::exists('auth_error'))
{
  	header('HTTP/1.1 500 Internal Server Error');
	header("Content-Type: application/json");
	$err = array("error_message" => "User is not authenticated.");
	echo json_encode($err);
	return;
}

if (!F3::exists('POST.recipe_id') || !F3::exists('POST.email')):
	header('HTTP/1.1 500 Internal Server Error');
	header("Content-Type: application/json");
	$err = array("error_message" => "Email and recipe id are required.");
	echo json_encode($err);
	return;
endif;

$rid = F3::exists('POST.recipe_id');
$email = F3::exists('POST.email');
$id = F3::get('SESSION.user_id');

// does recipe exist?
$rid = F3::get('POST.recipe_id');
$param = array('1'=>$rid);
$result = DB::sql("SELECT rid from recipes where rid = ?", $param);
if(count($result)==0):
	//the recipe doesn't exist
	header('HTTP/1.1 500 Internal Server Error');
	header("Content-Type: application/json");
	$err = array("error_message" => "Recipe does not exist.");
	echo json_encode($err);
	return;
endif;


$directions = DB::sql("SELECT step, details from directions where rid = ?", $param);
$result = DB::sql("SELECT * from recipes where rid = ?", $param);
if($id):
	$params = array('1'=>$rid, '2'=>$id);
	$favorite = DB::sql("SELECT count(*) as count from favorites where rid = ? and uid = ? ", $params);
	if(count($favorite)==0 || ($favorite[0]['count']==0)):
		$favorite = 0;
	else:
		$favorite = 1;
	endif;
else:
	$favorite = 0;
endif;
$tags = DB::sql("SELECT tid as tag_id, t.name from recipe_tags rt, tags t where rid = ? and rt.tid=t.id ", $param);
$ingredients = DB::sql("SELECT quantity, m.name as measurement, m.abbrev, i.name as ingredient, optional, r.inid as ingredient_id, r.mid as measurement_id from recipe_ingredients r, ingredients i, measurements m where rid = ? and r.inid=i.id and r.mid=m.id", $param);
$response = array();

foreach($result as $row):
	$response['name'] = $row['name'];
	$author = $row['author'];
	$param = array('1'=>$author);
	$temp = DB::sql("SELECT email,nickname from user where id = ?", $param);
	$author_email = $temp[0]['email'];
	$nickname = $temp[0]['nickname'];
	$response['author_email'] = $author_email;
	$response['author_nickname'] = $nickname;
	$response['author'] = $row['author'];
	$response['Date'] = $row['Date'];
	$response['prep_time'] = $row['prep_time'];
	$response['inactive_time'] = $row['inactive_time'];
	$response['cook_time'] = $row['cook_time'];
	$privacy = $row['privacy'];
	$response['yield'] = $row['yield'];
	$response['ingredients'] = $ingredients;
	$response['directions'] = $directions;
	$response['tags'] = $tags;
	break;
endforeach;


// check that user is authorized to view recipe
$user = F3::get('SESSION.user_id');
//$user = 15;
$param = array('1'=>$author,'2'=>$user);
$friend = DB::sql("SELECT id1 from friends where id1 = ? and id2 = ?", $param);
if((($privacy==1 || $privacy==2) && $user!=$author)):
	// user is not authorized to view recipe
	header('HTTP/1.1 500 Internal Server Error');
	header("Content-Type: application/json");
	$err = array("error_message" => "Not authorized to email this recipe.  (Privacy: $privacy, User: $user, Author: $author)");
	echo json_encode($err);
	return;
endif;

// email recipe
$to = $email;
$subject = "Recipe from Spork";
//$subject = "Recipe from Spork: ".$response[0]['name'];
$message = "Nom, nom, nom";
//$headers = 	'From: '.F3::get('SESSION.email') . "\r\n" .
//			'Reply-To: '.F3::get('SESSION.email') . "\r\n";
$headers = "From: Kristy <kristyacaster@gmail.com>";

if(mail($to,$subject,$message,$headers)):
	header('HTTP/1.1 200');
	header("Content-Type: application/json");
	$response = "Recipe emailed.";
	echo json_encode($response);
	return;
else:
	header('HTTP/1.1 500 Internal Server Error');
	header("Content-Type: application/json");
	$err = array("error_message" => "Problem mailing recipe.");
	echo json_encode($err);
	return;
endif;
?>